Test ID:	1.3.6.1.4.1.25623.1.0.804400
Category:	FTP
Title:	Titan FTP Server < 10.40.1829 Multiple Directory Traversal Vulnerabilities
Summary:	Titan FTP Server is prone to multiple directory traversal; vulnerabilities.
Description:	Summary: Titan FTP Server is prone to multiple directory traversal vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - It is possible to copy the complete home folder of another user by leveraging a vulnerability on the Titan FTP Server Web Interface. - It is possible to obtain the complete list of existing users by writing '/../' on the search bar. - It is possible to observe the 'Properties' for an existing user home folder. This also allows for enumeration of existing users on the system. Vulnerability Impact: Successful exploitation will allow remote attackers to read arbitrary files and information on the target system. Affected Software/OS: Titan FTP Server version 10.32 Build 1816. Solution: Update to version 10.40 Build 1829 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1841 BugTraq ID: 65462 http://www.securityfocus.com/bid/65462 http://www.exploit-db.com/exploits/31579 http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html http://www.osvdb.org/103195 Common Vulnerability Exposure (CVE) ID: CVE-2014-1842 http://www.osvdb.org/103196 Common Vulnerability Exposure (CVE) ID: CVE-2014-1843 BugTraq ID: 65469 http://www.securityfocus.com/bid/65469 http://www.osvdb.org/103197
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.